Since 17th September 2018 when FDPPI was born, FDPPI has traversed a long journey in a relatively short time.
In order to keep on record some of the developments for the information of new members who are joining the organization, I try to give below a brief narration of the developments.
Details about FDPPI constitution, membership etc is available at different sections of this website.
In essence, FDPPI is an organization of the Data Protection Professionals, for the Data Protection Community. The “Supporting Members” are the delivery channels through which FDPPI renders its services to the community.
Individual members are provided with many services for knowledge enhancement, Certification and Career advancement as explained here. Additionally Companies are provided with “Corporates Services” to help them in implementing Data Protection
One of the first objectives of FDPPI was to spread awareness of Privacy and Data protection in India so that India does not lag behind the world in the field of Data Protection. Accordingly, FDPPI started with a series of weekly webinars under the “Jnaana vardhini Series”.
Upto end 2020, 54 webinar sessions had been conducted and in 2021, so far 4 sessions have been conducted. In these 58 sessions, FDPPI has tried to disseminate knowledge about Privacy and Data Protection. Most of these sessions are available as video recordings in YouTube.
Additionally a messaging group “FDPPI Knowledge Group” functions on Telegram and doubles up as a communication between members and other guests who have been admitted to the group and also to spread knowledge through discussions. Since most of the members are themselves experts in the field knowledge acquired by sharing is immeasurable.
In addition to the weekly webinars FDPPI members have been conducting free educative sessions on many other forums and created a treasure house of knowledge for persons who would like to understand the Data Protection and related concepts.
Indian Data Protection Summit 2020
As a further step towards spread of professional knowledge, FDPPI conducted the Indian Data Protection Summit 2020 as a virtual summit along with the Bangalore Tech Summit held by the Government of Karnataka in November 2020.
In a further bid to provide professional certification programs, FDPPI created a series of Certification programs namely
a) Certified Data Protection Professional-Module I (Covering Indian Data Protection Law)
b) Certified Data Protection Professional-Module G (Covering Global Data Protection Laws)
c) Certified Data Protection Professional-Module A (Covering Data Audit Skills)
These certifications were offered independently as a part of a 5 module larger program in which modules on Technology and Behavioural Skills are due to be introduced in future.
Each of these programs were conducted as online training followed by an online examination. After the programs were conducted online, recorded sessions were made available through an “On Demand, Video Streaming Facility” so that the certifications can be availed on tap by interested persons.
Those professionals who have completed all the three programs were further recognized as “Certified Global Privacy and Data Protection Consultant” or “Certified Global Privacy and Data Protection Auditor”
The Consultant or Auditor so certified have been considered eligible to provide services related to implementation of data protection compliance in organizations and certification of organizations along with an assessment of DTS (Data Trust Score).
It may be noted that most of the persons who are certified under these schemes have also been professionals who might have the experience of similar certification programs conducted by other international orgnaizations like IAPP which conducts certification programs on GDPR and other international laws and have found the FDPPI certifications extremely valuable.
The objective of FDPPI certifications is to ensure that there is an distinctive knowledge enhancement and evaluation of understanding through examination so that the certified persons can be expected to be useful to their respective organizations. It is not simply experience based nor on mere attendance of training programs. This has been appreciated by all the professionals.
In the event the Indian Data Protection Authority introduces any criteria for accrediting Data Protection Auditors or Data Protection Officers, FDPPI certified professionals are likely to start with an advantage in terms of the knowledge requirements.
FDPPI has guaranteed that all those who have currently undergone the training for Module I on Indian laws will be provided with a one time n additional bridging session when the Personal Data Protection Bill 2019 becomes a full fledged laws.
Subsequently programs for continuing education would be introduced so that Certifications can be kept current.
Since CDPP programs of FDPPI also cover global laws such as GDPR, CCPA, Singapore PDPA, DIFC-DPA, LGPD-Brazil, HIPAA etc., the programs are considered “Made in India for the World” category of service.
The second most important contribution of FDPPI to the Data Protection world has been the introduction of the “Personal Data Protection Standard of India” or PDPSI. A concept which was pioneered by Naavi has been developed and fine tuned into a system which today provides a framework for compliance both as a self implementation mechanism by organizations as well as a Certifiable standard.
The uniqueness of PDPSI is that it is a “Unified” framework that can be used for simultaneous compliance of multiple data protection laws such as Indian PDPA along with GDPR. The sub modules of PDPSI framework provide the adaptability to different data protection laws that can be applied in an organization which has exposure to multiple jurisdictions.
Further PDPSI automatically incorporates the evaluation of the Data Trust Score (DTS) which is a measure of the Data Protection compliance maturity of an organization and is mandatory under the Indian law.
FDPPI has now set up a mechanism for Certifying an Organization through accredited PDPSI auditors.
A Unique feature of the PDPSI audits is that the audits are registered with FDPPI along with DTS and the auditee organization is provided with support subsequent to the completion of the audit through a “Mentoring” program with a limited quarterly consultation to clear any doubts in implementation. Though these are not “Review Audits”, they provide an opportunity for the auditee organizations to tap the experts of FDPPI to get some quick clarifications critical to their implementation of PDPSI compliance suggestions.
PDPSI is another unique “Made in India for the World” contribution of FDPPI. It is an open standard and will relieve the complying organizations from the burden of proprietary international standards.
One of the recent services that has been introduced is the setting up of DPERT or Data Protection Emergency Response Team on the lines of the CERT organizations that function in the domain of Cyber Security.
The DPERT would be a team of experts chosen by FDPPI and would provide some quick suggestions for any reference from organizations who report any suspected Personal data breaches.
DPERT will work in close association with the law enforcement authorities and regulators and assist the companies in taking right decisions in times of a crisis.
DPERT will remain a free service to the society and where an in depth consultancy is required, will guide the companies accordingly.
DDMAC or Data Disputes Mediation and Arbitration Center is another unique service that FDPPI is bringing to the society and is in the final stages of introduction.
DDMAC is a platform which can be used both offline and online for dispute resolution in the Data Processing industry. DDMAC will develop a set of neutrals who are experts in data related regulations and also trained in the art of Mediation and Arbitration. It will be available to be used by Data Fiduciaries and Data Principals to redress their grievances through ADR processes including Mediation and Arbitration.
In order to ensure that knowledge dissemination to professionals occurs in a formal manner, apart from the information made available through the website of FDPPI, a journal titled “Data Protection Journal of India” has been started by FDPPI in 2021. The journal will be available at www.dpji.in.
Future Developments in pipeline
The above narration captures some of the developments in FDPPI till date. We will update this further. FDPPI is negotiating several collaborations some of which will fructify shortly. FDPPI is also working on additional projects including an award for the “Data Protection Champion” etc.
FDPPI has more than 150 professional members today and each one of them is an expert in his own domain. FDPPI being an aggregation of these professionals it has all the strengths of these professionals within its umbrella. FDPPI’s strength is therefore not limited to its employee force and hence when the full potential of its members is harnessed, it will be one of the biggest Data Protection Consultancy organizations in India.
Let us look forward to glorious days ahead and welcome more members to join this movement.